Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-05-23_f124b3db83f8c2d9a0d4c01ce4bc7c1c_cryptolocker
-
Size
57KB
-
Sample
240523-z8d4kahb62
-
MD5
f124b3db83f8c2d9a0d4c01ce4bc7c1c
-
SHA1
f2cd411065153f130e4f2e7e31f81a1f3989906f
-
SHA256
40f4a03f529a1af4c25dde53c99bfec4a8d7cdb0abab3d8b92a4c662cda852f2
-
SHA512
0231d2708748b7fee118112a2ac9ea0b1334648799ccb08096ab46feb002150e6e0578fe2e61653331c5cd8f32b6cbc53dae75c11bd851027f19bb377d7e68d5
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e6Tg:6j+1NMOtEvwDpjr8oxExe6Tg
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-23_f124b3db83f8c2d9a0d4c01ce4bc7c1c_cryptolocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-23_f124b3db83f8c2d9a0d4c01ce4bc7c1c_cryptolocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
2024-05-23_f124b3db83f8c2d9a0d4c01ce4bc7c1c_cryptolocker
-
Size
57KB
-
MD5
f124b3db83f8c2d9a0d4c01ce4bc7c1c
-
SHA1
f2cd411065153f130e4f2e7e31f81a1f3989906f
-
SHA256
40f4a03f529a1af4c25dde53c99bfec4a8d7cdb0abab3d8b92a4c662cda852f2
-
SHA512
0231d2708748b7fee118112a2ac9ea0b1334648799ccb08096ab46feb002150e6e0578fe2e61653331c5cd8f32b6cbc53dae75c11bd851027f19bb377d7e68d5
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqPOYRmNxt5QJz7/e6Tg:6j+1NMOtEvwDpjr8oxExe6Tg
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-